WO2009003708A1 - Device and method for digital rights management - Google Patents
Device and method for digital rights management Download PDFInfo
- Publication number
- WO2009003708A1 WO2009003708A1 PCT/EP2008/005448 EP2008005448W WO2009003708A1 WO 2009003708 A1 WO2009003708 A1 WO 2009003708A1 EP 2008005448 W EP2008005448 W EP 2008005448W WO 2009003708 A1 WO2009003708 A1 WO 2009003708A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- rights object
- information
- memory area
- rights
- received
- Prior art date
Links
- 238000000034 method Methods 0.000 title claims description 23
- 238000007726 management method Methods 0.000 claims description 15
- 238000004590 computer program Methods 0.000 claims description 7
- 238000009434 installation Methods 0.000 description 5
- 230000006870 function Effects 0.000 description 3
- 230000004075 alteration Effects 0.000 description 2
- 230000008901 benefit Effects 0.000 description 2
- 230000007246 mechanism Effects 0.000 description 2
- 238000004891 communication Methods 0.000 description 1
- 230000001419 dependent effect Effects 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 239000000203 mixture Substances 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000008569 process Effects 0.000 description 1
- 238000012546 transfer Methods 0.000 description 1
- 238000012795 verification Methods 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
Definitions
- the present invention generally relates to digital rights management and, more particularly, to a backup and transfer of digital rights.
- Digital rights management describes a concept by which media providers enforce limitations on usage and distribution of digital media content.
- DRM Digital rights management
- OMA Open Mobile Alliance
- the OMA DRM family comprises digital rights management standards that are developed by the Open Mobile Alliance. To date, the OMA DRM family comprises:
- SRM OMA Secure Removable Media
- SCE OMA Secure Content Exchange
- the OMA DRM system enables content issuers to distribute DRM protected content and rights issuers (RIs) to issue rights objects (ROs) for the DRM protected content.
- the DRM system is independent of media object formats, operating systems, and run-time environments. Contents protected by DRM can be of a wide variety, including games, ring tones, photos, music clips, video clips, streaming media, etc.
- rights issuers i.e. an entity that issues rights objects to DRM conformant devices.
- Rights issuers grant appropriate permission for the DRM protected content to use it on DRM conformant devices.
- the content is cryptographically protected when distributed and, hence, will not be usable without an associated rights object (RO) issued for the users device.
- DRM protected content can be delivered to the device by any means, for example, over the air, LAN/WLAN, local connectivity, removable media, etc.
- Rights objects are tightly controlled and distributed by the rights issuer in a controlled manner. DRM protected content and rights objects may be delivered to the device together or separately.
- the backup of rights comprises copying an OMA DRM v2. x rights object (RO) from a originating device to another medium.
- the copied rights object is called backup rights object.
- the backup rights object remains cryptographically bound to the originating device, such that it can only be restored or reinstalled to the originating device.
- a backup rights object cannot be used to exercise the rights on any other device than the originating device.
- the backup of rights is possible from OMA DRM v2.0 onwards.
- the process of restoring or reinstalling a backup rights object and making it usable on the device is called installing a backup rights object.
- the move of rights comprises moving or transferring a rights object between two devices, i.e. from an originating or source device to a sink device.
- the rights object is only cryptographically bound to the source device, i.e., only the source device can exercise the rights.
- the rights object is only bound to the sink device, i.e., only the sink device can exercise the respective rights.
- DRM In the OMA DRM family, some form of moving rights appears in DRM v2.1. There, a move of rights is possible by uploading a rights object to an OMA DRM rights issuer (RI) and downloading it to another device.
- OMA DRM rights issuer In SRM, protocols for the move of rights between a device and a secure removable media are defined, i.e., a removable media that implements means to protect against unauthorized access to its internal data (e.g. secure memory card, smart card) .
- SCE protocols for the move of rights between devices are specified.
- Stateful rights objects have a state that changes during an exercise of rights. For example, a rights object can allow a certain piece of content to be played three times. In this case, the state is the number of plays left.
- Stateless rights objects are rights objects that are not stateful. Both stateful and stateless rights objects can be bound to a single device, in which case they are called device rights objects, or to a group of devices belonging to the same user, in which case they are called domain rights objects.
- DRM v2.1 some protection mechanisms against replay of stateful rights objects are defined, which prevent an unauthorized extension of granted rights, for example, extending the number of plays originally granted to the device.
- Such protection mechanisms comprise keeping track of all received stateful rights objects in a local cache.
- Each entry of the local cache comprises a globally unique identification of the stateful rights object and a tinaestamp of the rights issuer (RI timestamp) for this rights object.
- RI timestamp rights issuer
- a device will only install received stateful rights objects that are not already listed in the local cache memory (DRM v2.1, section 10.4). Additionally, stateful domain rights objects without a RI timestamp are kept in a separated local cache, which only keeps track of the unique identification of the rights object.
- DRM v2.1 defines yet another local cache to prevent the replay of stateless rights objects uploaded to a rights issuer.
- a device uploads a stateless rights object to the rights issuer, a new entry with a unique identification of the rights object and the rights object timestamp is inserted in the cache.
- a user makes a backup of the rights object from the source device.
- a user makes a backup of the stateful rights object.
- the user consumes some of the rights (changing the state) .
- the user removes the rights object and accompanying state information from the device.
- the user restores the backup rights object to the device .
- the attacker can exercise the rights as they were before the state was changed.
- Embodiments of the present invention are based on the finding that a high level of digital media content protection and user flexibility can be achieved by providing a DRM device with means for protocolling any moves of rights objects from said DRM device to another medium or DRM device.
- the DRM device may be equipped with a memory area for storing information related to rights objects that have been transferred from the DRM device to another medium.
- information on this rights object is compared to the information stored in the memory area related to previously moved rights objects. In case this comparison yields that the rights object to be installed on the DRM device has previously been moved or transferred from the DRM device to somewhere else, the restoration or installation of said rights object is cancelled or rejected.
- Embodiments of the present invention provide a DRM device comprising a memory area for storing information on a rights object that has been transferred from the DRM device to another DRM device, wherein the rights object comprises permission linked to a digital media object and a processor for receiving a rights object, wherein the processor is operative to access the memory area to check whether information on the received rights object is stored in the memory and to set up the received rights object on the DRM device in case the information on the received rights object is not stored in the memory area and to reject the received rights object in case the information on the received rights object is stored in the memory area.
- the memory area for storing information on transferred rights objects may be a cache memory and will therefore be also referred to as move cache in the sequel.
- the move cache may only keep a small amount of information on the rights object that uniquely identifies the rights object rather than the complete rights object.
- this small amount of information may be a piece of a cryptographic hash over the complete rights object. Thereby, a size of the piece may be taken such that it is very improbable that two different rights objects lead to the same rights object hash or to the same piece of their associated rights object hashes.
- the move cache may be an unprotected memory area of the DRM device. However, a cryptographic hash over the (unprotected) move cache may preferably reside in a protected memory area, such that a compromise of the move cache may be detected.
- the size of the move cache is limited.
- the move cache exhausts, i.e., information on a plurality of rights objects exceeds the size of the move cache
- embodiments of the present invention allow to store at least parts of said move cache in a further memory area or on another medium, which might comprise unprotected memory.
- this storing of at least parts of the move cache will be referred to as export from the move cache.
- the local move cache in the DRM device may only keep a cryptographic hash over the part of the move cache that was exported and the point in time on which the export happened. This point in time, the so-called exported move cache timestamp, is also stored in the exported move cache according to an embodiment of the present invention.
- the processor first checks if the backup rights object or information related thereto resides in the move cache. If so, the backup rights object is not installed on the DRM device. If the rights object or information related thereto is not in the move cache, but a related rights object timestamp indicates a time after a last export of the move cache, the rights object is accepted for installation or restoration on the DRM device. If the rights object's timestamp indicates a time before the last export of the move cache, the processor checks the exported move caches from a most recent one to older ones until the rights object or information related thereto is found or until a timestamp of the exported move cache indicates a time of the move cache export earlier than the rights object's timestamp. If the rights object is not found in any move caches, including the exported move caches, the backup rights object may be reinstalled or restored on the DRM device.
- Embodiments of the present invention allow the use of both move and backup of rights in the OMA DRM family, but avoid the danger of duplicating said rights. This may increase user experience and user acceptance, since a backup of rights does not restrict the user's flexibility related to said rights.
- the introduction of the move cache for storing the information on rights objects may also avoid an attack of replaying a stateless rights object to a DRM device by an out-of-band delivery after this stateless rights object has been moved from the DRM device e.g. to a secure removable media. This may prevent an unauthorized duplication of rights by an attacker.
- state information of rights objects comprised by the move cache may allow a user to backup stateful rights.
- a user may make a backup of any rights object, independent of it being stateless or stateful. This may make the backup operation consistent. A user does not need to understand why he may make a backup of certain rights objects whilst he cannot make a backup of other rights objects .
- a possibility to export the move cache to an external storage medium may prevent a user of being unable to move rights due to a full internal move cache of the DRM device.
- the storage of a timestamp of an export of the move cache may prevent a user to be requested for exported memory data as much as possible.
- a content issuer may benefit from embodiments of the present invention in that his interests in keeping contents safe is assured by the inventive concept, but a user has a more flexible use of the content . Due to the reduced restrictions, a user is more likely to buy protected content such that the content issuer sales are increased.
- Fig. la-c show principle steps of an attack scenario, which can be avoided by embodiments of the present invention.
- Fig. 2 shows a schematic block diagram of a DRM device according to an embodiment of the present invention
- Fig. 3 shows a principle structure of a memory area (move cache) for storing information on rights object according to an embodiment of the present invention
- Fig. 4 shows a flowchart of a digital rights management method according to an embodiment of the present invention.
- Fig. Ia shows a DRM device 10 having installed thereon a rights object 12 comprising permissions linked to a digital media object 14.
- a user wants to perform a backup of the rights object 12 by copying the rights object 12 from the DRM device 10 to another medium 16.
- the medium 16 may, e.g., be an external memory (e.g. secure memory card, smart card) or another DRM capable device.
- the resulting backup rights object 12' remains cryptographically bound to the originating device 10, such that it can only be restored to and replayed on the originating device 10. Hence, the backup rights object 12' cannot be used to exercise the rights on any other device than the originating device 10.
- the user might want to move the rights object 12 from the originating device 10 to a destination device 18.
- the rights object 12 is only cryptographically bound to the originating device 10, i.e., only the originating device 10 can exercise the rights in order, for example, to replay a content of the digital media file 14.
- the rights object 12 is deleted from the originating device 10 and the moved rights object 12'' is only bound to the destination device 18, i.e., only the destination device 18 can exercise the rights in order to also replay a transferred content of a copied digital media object 14'.
- the rights in form of the rights object 12 related to the digital media content 14 have been transferred from source device 10 to the destination device 18.
- embodiments of the present invention provide a device 20 capable of digital rights management, which is schematically shown in Fig. 2.
- the DRM device 20 comprises a memory area 22 for storing information on a rights object that has been transferred from the DRM device 20 to another DRM device (not shown) , wherein the rights object comprises permissions linked to an associated digital media object. Further, the DRM device 20 comprises a processor 24 for receiving a rights object, wherein the processor 24 is operative to access the memory area 22 to check whether information on the received rights object is stored in the memory area 22 and to set up the received rights object on the DRM device 20 in case the information on the received rights object is not stored in the memory area 22, and to reject the received rights object in case the information on the received rights object is stored in the memory area 22.
- the memory area 22 corresponds to the move cache.
- Examples of the DRM device 20 include personal computers, laptop computers, personal digital systems, mobile telephones, media players, work stations, file servers, mainframes, etc.
- the DRM device 20 could also be a removable component, such as a removable media card or one of the aforementioned devices.
- the DRM device 20 can also be a combination of the aforementioned devices.
- the DRM device 20 can communicate with other devices directly or via a network.
- the network may be any network that allows separate devices 20 to communicate, i.e., e.g., a local area network (LAN) , a wide area network (WAN) , a wireless LAN, a wireless WAN, the Internet, a wireless telephone network, etc.
- Different devices may communicate with each other and to the network through landlines (e.g. Tl, DSL, Cable, POTS) or wireless technology (e.g. Bluetooth, WLAN, WiFi, etc.).
- landlines e.g. Tl, DSL, Cable, POTS
- wireless technology e.g. Bluetooth, WLAN, WiFi, etc.
- the communication between different devices 20 can either be secure or non- secure .
- the move cache 22 is advantageously a part of a non-volatile memory area 26 of the DRM device 20.
- non- volatile memory include read-only memory, flash memory, most types of magnetic computer storage devices (e.g. hard disks, floppy disk drives, and magnetic tape) , optical disc drives, etc.
- the move cache 22 may keep only a small amount of information on rights objects that have been transferred from the device 20 rather than the complete rights objects.
- This small amount of information may be e.g. a piece of a cryptographic hash over a complete rights object, respectively, the piece of the cryptographic hash subsequently being called rights object hash.
- a hash generally denotes a result of a hash function applied to the complete rights object.
- a hash function is a reproducible method of turning some kind of data into a (relatively small) number that may serve as a digital fingerprint of the data (here: the rights object) .
- the hash function chops and mixes (i.e.
- the fingerprints are called hash sums, hash values, hash codes or simply hashes.
- the first six bytes of a SHA-I hash may be used as the rights object hash.
- other parts and/or other hashes are also conceivable.
- it is important to choose a size of a rights object hash such that it is very improbable that two different rights objects result in the same rights object hash.
- the move cache 22 is configured to store information on the rights object that uniquely identifies the rights object among a plurality of rights objects.
- the processor 24 may be configured to generate said unique information. That is, if the move cache 22 is configured to store at least a part of a cryptographic hash over the entire rights object as the information on the- rights object, the processor 24 is configured to generate at least the part of the cryptographic hash.
- the non-volatile memory area 26 in which the move cache 22 for storing the rights object information resides may be an unprotected memory.
- the move cache 22 should be large enough such that it can store a sufficient amount of rights object hashes, i.e., that it allows the moving of a sufficient number of rights objects.
- embodiments of the present invention provide for storing the move cache 22 or at least parts thereof on another (unprotected) medium (not shown) , which is indicated by the arrow 27. This external storing is called export from move cache 22.
- the move cache 22 in the DRM device 20 may only keep a cryptographic hash or a part of a cryptographic hash over the part of the move cache 22 that was exported and the point in time on which the export happened. This point in time, called exported move cache timestamp, may also be stored in the exported move cache.
- the hash over the move cache 22 and/or the part of the move cache that was exported may be determined in block 28 and stored in a protected memory area 30, according to embodiments of the present invention.
- a compromise of the exported memory move cache may be detected.
- the processor 24 checks as to whether information on the received rights object is stored in the move cache 22. If so, a rights object equal to the received rights object has been previously moved or transferred from the DRM device 20 and, therefore, the received (backup) rights object is not set up on the DRM device 20. If, however, information on the received rights object cannot be found in the move cache 22 and the rights object timestamp (value of the "timestamp" field in the rights object payload) indicates a value after a last export of the move cache 22, the received rights object is accepted and set up on the DRM device 20.
- a rights object which may be a backup rights object
- the processor 24 checks the exported move caches from the most recent one to older ones until it finds information on the received rights object or until the timestamp of the exported move cache is earlier than the rights object's timestamp. If information on the received rights object is not found in any move caches, including the exported move caches, the received rights object may be accepted and installed on the DRM device 20.
- FIG. 3 A schematic structure of the move cache 22 for storing information on rights objects that have been moved from the DRM device 20 to another DRM device is shown in Fig. 3.
- the move cache 22 includes memory fields 34-1 to 34-N, each storing information on a rights object that has been previously transferred from the DRM device 20, e.g. for the purpose of a backup.
- the stored information on the rights object may be a part of a hash over the complete rights object, respectively.
- the move cache 22 comprises memory fields 36-1 to 36-M for storing information on exported versions of the move cache 22.
- Fig. 3 also shows the structure of an exported version of the move cache 38 principally having the same structure as the move cache 22.
- the information over the exported versions of the move cache may include the hash over the exported versions, respectively, and a pointer to a memory location as to where to find the respective exported move cache version.
- the exported move cache versions 38 may reside in an unprotected memory area.
- the information 36-1 to 36-M on the exported move cache versions should reside in a protected memory area. Protection of memory can be achieved via different means. Memory protection can be achieved by cryptographic software algorithms or by hardware modifications. In any case, protection here means that the regarded memory area should be attack-secure.
- an exported move cache file may comprise cryptographic hashes of one or more former exported move cache files as it is indicated by reference numeral 39 in Fig. 3.
- the DRM device 20 only needs to store a limited amount of hashes over exported move caches and can rely on the exported move caches 38 to verify a hash of some other previously exported move cache. This prevents the filling of the move cache 22 on the DRM device 20 with hashes over exported move caches and in fact allows unlimited moving.
- Filling of the move cache 22 may be done in sequential order from a first entry to a last entry of the move cache. If the last entry is occupied, the DRM device 20 may request to export the move cache 22 and then starts again at the first entry by removing rights object hashes already stored only when a new rights object hash is to be stored. This prevents that the DRM device 20 has to request for exported move caches immediately after an export.
- the move cache 22 may also be used to allow a backup of stateful rights objects. In order to prevent that stateful rights are re-exercised, the move cache 22 may also comprise state information of stateful rights objects. When a stateful backup rights object is to be installed on the DRM device 20, the processor 24 may collect the state information from the move cache 22 or exported move caches 38 such that a user can exercise only the rights that he is still entitled to use.
- the method comprises a step 40 of receiving a rights object, which might be a backup rights object.
- processor 24 checks in a step 42 as to whether information on the received rights object is stored in the move cache 22. If the information on the received rights object is found in the move cache 22, the received rights object is rejected in a following step 44. However, if the information on the received rights object is not found in the move cache 22, the processor 24 further checks in a step 46 as to whether a timestamp of the received rights object is after the last export of the move cache 22.If this question is answered with "YES", the processor 24 accepts the received rights object for installation of the DRM device 20 in step 50.
- step 46 the processor 24 further checks in step 48 as to whether the information on the received rights object may be found in one of the previously exported move caches. If this is the case, a version of the received rights object has been previously moved from the DRM device 20, such that a re-installation is rejected by the processor 24 in step 44. However, if the information on the received rights object is also not found in any of the previously exported move caches, the DRM device 20 or the processor 24 accepts the received rights object for installation on the device 20 in step 50.
- the processor 24 is adapted to access the exported move cache 38, in case the information on the received rights object is not found in the move cache 22, to check whether the information on the received rights object is stored in the exported move cache 38.
- the processor 24 is adapted to compare the timestamp of the received rights object with time information on the time when the last export of the move cache took place in step 46 before accessing the exported move cache in step 48.
- the processor 24 is adapted to only access the exported move cache in case the timestamp of the received rights object indicates an issuance of the received rights object before the time when the last export of the move cache took place.
- a special memory area 22 which may be seen as a move cache, is proposed.
- This move cash is embedded in the DRM device 20 and keeps ' track of all moves of rights objects that occur from the device 20.
- the device 20 checks if information on the received rights object is stored in the move cache. If it is not, it may be concluded that the received rights object has not been previously moved to another device, and as a consequence the device 20 may restore or re-install the backup rights object. However, if information on the received rights object is found in the move cache or exported versions thereof (i.e., the rights object has been moved), it must not be restored or re-installed on the device 20.
- an inventive device 20 has a move cache 22 with a reliable identification for all stateless rights objects that have been moved e.g. to a SRM. This identification may be denoted as Global Unique Identifier (GUID) . However, a reduced size rights object identification may be used, such as the hash over the rights object container, e.g. truncated to a minimum size of 6 bytes.
- the move cache may also hold the ⁇ timeStamp> element (RITS) of the rights object.
- the processor 24 may insert the ⁇ GUID, RITS> pair corresponding to the rights object in the move cache 22.
- the processor 24 may replace the entry with the earliest RITS in the move cache 22 with the new ⁇ GUID, RITS> pair. If the RITS in the rights object is equal to or earlier than the earliest RITS in the move cache, the ⁇ GUID, RITS> pair is not inserted.
- the processor 24 may perform the following procedure:
- a) Check if the move cache contains the GUID of the received RO. If it does, then a) holds, otherwise a) fails. b) If a) holds, the RO is rejected. c) If a) fails and the move cache is not full, the RO is installed. d) If a) fails, the move cache is full and the RITS of the RO is after the earliest RITS in the move cache, the RO is installed. e) If a) fails, the move cache is full and the RITS of the RO is earlier than or equal to the earliest RITS in the move cache, the RO is rejected.
- Multiple copies of the same rights object i.e. two rights objects having the same ROID
- Disabled rights objects e.g. during a rights object upload or move protocol
- the device 20 may store a part with the oldest RITS values of the move cache on off- device storage. In this case, the device 20 should provide for integrity protection of the externally stored part. Additionally, the device 20 should record securely that and when it stored a part of the move cache on external storage and an identification of the latest externally stored part. When a rights object with a RITS before the time on which the last export took place is delivered out-of-band or reinstalled from off-device storage, and the move cache 22 does not indicate that the rights object has been moved, the device 20 should also request the externally stored part of the move cache, verify its integrity, verify that it is the latest externally stored part and verify if the rights object has been moved.
- the rights object should not be installed. If the move cache 22 indicates that the rights object has been moved, the rights object should not be installed. Otherwise the rights object is installed. If a rights object with a RITS equal to the time on which the last export took place is delivered out-of-band or restored from a backup, both the move cache and the externally stored part should be consulted.
- Embodiments of the present invention allow the use of both move and backup of rights in the OMA DRM family, but avoids the danger of duplicating the rights. This may increase user experience and user acceptance, since a backup of rights does not lead to any restrictions. Due to its flexibility, safety and performance, the present invention is particularly suitable for DRM applications.
- the inventive DRM method may be implemented in hardware or in software.
- the implementation may be done on a digital storage medium, particularly a disc, a DVD or a CD with electronically readable control signals, which may co-operate with a programmable computer system such that the method is executed.
- the invention also consists in a computer program product with a program code stored on a machine-readable carrier .for performing the inventive method when the computer program product runs on a computer and/or microcontroller.
- the invention may, thus, be realized as a computer program with a program code for performing the method when a computer program runs on a computer and/or microcontroller.
Abstract
Description
Claims
Priority Applications (10)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2010513789A JP5322065B2 (en) | 2007-07-05 | 2008-07-03 | Apparatus and method for digital rights management |
US12/667,250 US8863306B2 (en) | 2007-07-05 | 2008-07-03 | Device and method for digital rights management |
BRPI0812660-7A BRPI0812660B1 (en) | 2007-07-05 | 2008-07-03 | DIGITAL RIGHTS MANAGEMENT DEVICE AND METHOD |
EP08773854.8A EP2176807B1 (en) | 2007-07-05 | 2008-07-03 | Device and method for digital rights management |
KR1020107002041A KR101124866B1 (en) | 2007-07-05 | 2008-07-03 | Device and method for digital rights management |
CA2691805A CA2691805C (en) | 2007-07-05 | 2008-07-03 | Device and method for digital rights management |
MX2009014173A MX2009014173A (en) | 2007-07-05 | 2008-07-03 | Device and method for digital rights management. |
RU2009148648/08A RU2476928C2 (en) | 2007-07-05 | 2008-07-03 | Method and apparatus for digital rights management |
CN200880023127.8A CN101720471B (en) | 2007-07-05 | 2008-07-03 | Device and method for digital rights management |
TW097125380A TWI461956B (en) | 2007-07-05 | 2008-07-04 | Device and method for digital rights management |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US94807807P | 2007-07-05 | 2007-07-05 | |
US60/948,078 | 2007-07-05 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2009003708A1 true WO2009003708A1 (en) | 2009-01-08 |
Family
ID=39758854
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/EP2008/005448 WO2009003708A1 (en) | 2007-07-05 | 2008-07-03 | Device and method for digital rights management |
Country Status (11)
Country | Link |
---|---|
US (1) | US8863306B2 (en) |
EP (1) | EP2176807B1 (en) |
JP (2) | JP5322065B2 (en) |
KR (1) | KR101124866B1 (en) |
CN (1) | CN101720471B (en) |
BR (1) | BRPI0812660B1 (en) |
CA (1) | CA2691805C (en) |
MX (1) | MX2009014173A (en) |
RU (1) | RU2476928C2 (en) |
TW (1) | TWI461956B (en) |
WO (1) | WO2009003708A1 (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102804193A (en) * | 2009-06-16 | 2012-11-28 | 安蒂克斯实验室有限公司 | Rights managed distributable software |
Families Citing this family (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR100948384B1 (en) * | 2006-11-29 | 2010-03-22 | 삼성전자주식회사 | Method for moving rights object and device that is moving rights object and portable storage device |
KR101486377B1 (en) * | 2007-08-31 | 2015-01-26 | 엘지전자 주식회사 | Method for supporting post browsing in moving rights object of digital rights management and terminal thereof |
KR101000693B1 (en) * | 2008-10-21 | 2010-12-10 | 엘지전자 주식회사 | Method For Moving Rights object into Other Device IN Digital Right Management |
US20100106610A1 (en) * | 2008-10-23 | 2010-04-29 | Nokia Corporation | Method and apparatus for transferring media |
US9529733B1 (en) * | 2014-09-18 | 2016-12-27 | Symantec Corporation | Systems and methods for securely accessing encrypted data stores |
US20160253501A1 (en) * | 2015-02-26 | 2016-09-01 | Dell Products, Lp | Method for Detecting a Unified Extensible Firmware Interface Protocol Reload Attack and System Therefor |
US10367643B2 (en) | 2016-03-28 | 2019-07-30 | Symantec Corporation | Systems and methods for managing encryption keys for single-sign-on applications |
US10540511B2 (en) * | 2016-03-31 | 2020-01-21 | Intralinks, Inc. | Information rights management offline file access facility |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20030074569A1 (en) * | 2001-04-12 | 2003-04-17 | Kenichi Yamauchi | Data backup method and storage medium for use with content reproduction apparatus |
WO2004038568A2 (en) * | 2002-10-22 | 2004-05-06 | Koninklijke Philips Electronics N.V. | Method and device for authorizing content operations |
US20070056042A1 (en) * | 2005-09-08 | 2007-03-08 | Bahman Qawami | Mobile memory system for secure storage and delivery of media content |
WO2007036831A2 (en) * | 2005-09-30 | 2007-04-05 | Koninklijke Philips Electronics N.V. | Improved drm system |
Family Cites Families (16)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6185546B1 (en) | 1995-10-04 | 2001-02-06 | Intel Corporation | Apparatus and method for providing secured communications |
US5473692A (en) * | 1994-09-07 | 1995-12-05 | Intel Corporation | Roving software license for a hardware agent |
RU2155984C1 (en) * | 1999-12-02 | 2000-09-10 | Зао "Диско" | Method for providing internet-based paid services, which concern use of software |
US7260715B1 (en) * | 1999-12-09 | 2007-08-21 | Koninklijke Philips Electronics N.V. | Method and apparatus for revocation list management |
US7191332B1 (en) | 2003-05-20 | 2007-03-13 | Sprint Communications Company L.P. | Digital rights management for multicasting content distribution |
US7594275B2 (en) | 2003-10-14 | 2009-09-22 | Microsoft Corporation | Digital rights management system |
TWI256212B (en) | 2003-11-05 | 2006-06-01 | Ind Tech Res Inst | Architecture and method of multilayered DRM protection for multimedia service |
US7185195B2 (en) | 2003-12-14 | 2007-02-27 | Realnetworks, Inc. | Certificate based digital rights management |
KR101254209B1 (en) | 2004-03-22 | 2013-04-23 | 삼성전자주식회사 | Apparatus and method for moving and copying right objects between device and portable storage device |
JP4519574B2 (en) * | 2004-08-27 | 2010-08-04 | ソフトバンクモバイル株式会社 | Mobile communication system |
US20060064756A1 (en) | 2004-09-17 | 2006-03-23 | Ebert Robert F | Digital rights management system based on hardware identification |
KR100666941B1 (en) * | 2005-01-07 | 2007-01-11 | 삼성전자주식회사 | Method for Managing duplicated downloading the Identical Contents |
FR2882210B1 (en) * | 2005-02-11 | 2007-05-11 | Viaccess Sa | METHOD FOR PROTECTING A DIGITAL RIGHTS FILE |
TWI281825B (en) | 2005-10-18 | 2007-05-21 | Univ Nat Taiwan | Right management system and method for digital broadcasting |
KR100746030B1 (en) * | 2006-02-06 | 2007-08-06 | 삼성전자주식회사 | Method and apparatus for generating rights object with representation by commitment |
KR101346734B1 (en) * | 2006-05-12 | 2014-01-03 | 삼성전자주식회사 | Multi certificate revocation list support method and apparatus for digital rights management |
-
2008
- 2008-07-03 BR BRPI0812660-7A patent/BRPI0812660B1/en active IP Right Grant
- 2008-07-03 US US12/667,250 patent/US8863306B2/en active Active
- 2008-07-03 CN CN200880023127.8A patent/CN101720471B/en active Active
- 2008-07-03 KR KR1020107002041A patent/KR101124866B1/en active IP Right Grant
- 2008-07-03 CA CA2691805A patent/CA2691805C/en active Active
- 2008-07-03 WO PCT/EP2008/005448 patent/WO2009003708A1/en active Application Filing
- 2008-07-03 RU RU2009148648/08A patent/RU2476928C2/en active
- 2008-07-03 MX MX2009014173A patent/MX2009014173A/en active IP Right Grant
- 2008-07-03 JP JP2010513789A patent/JP5322065B2/en active Active
- 2008-07-03 EP EP08773854.8A patent/EP2176807B1/en active Active
- 2008-07-04 TW TW097125380A patent/TWI461956B/en active
-
2013
- 2013-03-27 JP JP2013066391A patent/JP5674063B2/en active Active
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20030074569A1 (en) * | 2001-04-12 | 2003-04-17 | Kenichi Yamauchi | Data backup method and storage medium for use with content reproduction apparatus |
WO2004038568A2 (en) * | 2002-10-22 | 2004-05-06 | Koninklijke Philips Electronics N.V. | Method and device for authorizing content operations |
US20070056042A1 (en) * | 2005-09-08 | 2007-03-08 | Bahman Qawami | Mobile memory system for secure storage and delivery of media content |
WO2007036831A2 (en) * | 2005-09-30 | 2007-04-05 | Koninklijke Philips Electronics N.V. | Improved drm system |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102804193A (en) * | 2009-06-16 | 2012-11-28 | 安蒂克斯实验室有限公司 | Rights managed distributable software |
Also Published As
Publication number | Publication date |
---|---|
CN101720471B (en) | 2012-07-04 |
CN101720471A (en) | 2010-06-02 |
MX2009014173A (en) | 2010-03-04 |
CA2691805C (en) | 2018-10-02 |
JP2013149268A (en) | 2013-08-01 |
KR20100025588A (en) | 2010-03-09 |
JP5674063B2 (en) | 2015-02-25 |
CA2691805A1 (en) | 2009-01-08 |
US8863306B2 (en) | 2014-10-14 |
BRPI0812660B1 (en) | 2019-05-21 |
EP2176807A1 (en) | 2010-04-21 |
BRPI0812660A2 (en) | 2014-12-23 |
RU2009148648A (en) | 2011-08-10 |
TW200907744A (en) | 2009-02-16 |
EP2176807B1 (en) | 2018-01-24 |
KR101124866B1 (en) | 2012-03-27 |
US20100212022A1 (en) | 2010-08-19 |
JP5322065B2 (en) | 2013-10-23 |
TWI461956B (en) | 2014-11-21 |
JP2010532508A (en) | 2010-10-07 |
RU2476928C2 (en) | 2013-02-27 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
EP2176807B1 (en) | Device and method for digital rights management | |
US8443207B2 (en) | File system filter authentication | |
US7536725B2 (en) | Authentication of content download | |
US10204235B2 (en) | Content item encryption on mobile devices | |
US9098684B2 (en) | Device and portable storage device which are capable of transferring rights object, and a method of transferring rights object | |
US20080250082A1 (en) | Method of Backing Up and Restoring Data in a Computing Device | |
US20140358938A1 (en) | File upload based on hash value comparison | |
AU2004271645A1 (en) | Authentication of content download | |
US20090172825A1 (en) | Method and apparatus for updating revocation list and reproducing encrypted content | |
US9276935B2 (en) | Domain manager for extending digital-media longevity | |
US20040098341A1 (en) | Method for renting video and audio media through the internet | |
US8752205B2 (en) | Apparatus and method for managing digital rights management contents in portable terminal |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
WWE | Wipo information: entry into national phase |
Ref document number: 200880023127.8 Country of ref document: CN |
|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 08773854 Country of ref document: EP Kind code of ref document: A1 |
|
DPE1 | Request for preliminary examination filed after expiration of 19th month from priority date (pct application filed from 20040101) | ||
DPE1 | Request for preliminary examination filed after expiration of 19th month from priority date (pct application filed from 20040101) | ||
DPE1 | Request for preliminary examination filed after expiration of 19th month from priority date (pct application filed from 20040101) | ||
WWE | Wipo information: entry into national phase |
Ref document number: MX/A/2009/014173 Country of ref document: MX |
|
WWE | Wipo information: entry into national phase |
Ref document number: 2691805 Country of ref document: CA Ref document number: 2008773854 Country of ref document: EP |
|
WWE | Wipo information: entry into national phase |
Ref document number: 4557/KOLNP/2009 Country of ref document: IN |
|
WWE | Wipo information: entry into national phase |
Ref document number: 2010513789 Country of ref document: JP |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
ENP | Entry into the national phase |
Ref document number: 20107002041 Country of ref document: KR Kind code of ref document: A |
|
WWE | Wipo information: entry into national phase |
Ref document number: 2009148648 Country of ref document: RU |
|
WWE | Wipo information: entry into national phase |
Ref document number: 12667250 Country of ref document: US |
|
ENP | Entry into the national phase |
Ref document number: PI0812660 Country of ref document: BR Kind code of ref document: A2 Effective date: 20100104 |